Separation notifications for wireless accessories

ABSTRACT

Embodiments described herein provide for a non-transitory machine-readable medium storing instructions to cause one or more processor to perform operations comprising establishing a wireless connection with a beacon peripheral, monitoring a connection state of the wireless connection, in response to detecting a loss of connection with the beacon peripheral, posting a separation notification for the beacon peripheral to a notification framework of the electronic device, deferring display of the notification during a reconnect interval, attempting to reconnect with the beacon peripheral during the reconnect interval, and displaying the separation notification via a user interface in response to a failure to reconnect with the beacon peripheral.

CROSS-REFERENCE

This application claims priority to U.S. Provisional Application Ser. No. 62/835,494, filed on Apr. 17, 2019 and U.S. Provisional Patent Application No. 62/855,976 filed Jun. 1, 2019, each of which are hereby incorporated herein by reference.

FIELD

Embodiments described herein relate generally to a system and method of locating wireless devices and accessories. More specifically, embodiments relate to an infrastructure to enable and suppress separation notifications for wireless accessories.

BACKGROUND OF THE DESCRIPTION

Current security features in handheld and portable products allow the location of the product to be identified when requested by the user, such as in instances where the product is lost or stolen. If the wireless device includes positioning technology, the device can be configured to report its last location to the server computer, which is displayed by the service on a map presented to the user. Often wireless devices are used with wireless accessory devices that cannot determine their location and cannot communicate with a remote tracking services over a wide area network. These accessory devices can include, for example, wireless earbuds, headphones, headsets and other wearable devices (e.g., smartwatches, fitness bands, optical head-mounted displays) that communicate directly with the wireless device using peer-to-peer communications. For wireless accessory devices that cannot determine their location and cannot communicate with the remote tracking service, those devices cannot be tracked by the service when lost or stolen.

SUMMARY OF THE DESCRIPTION

Embodiments described herein provide systems and methods to enable the display of separation notifications for wireless accessories, such as wireless beacon peripherals. In this context, a wireless beacon peripheral is a wireless device that is configured to transmit messages, beacons, advertisements, or other wireless transmissions, to other electronic devices to enable the other electronic devices to locate the wireless beacon peripheral.

Additionally, safe locations can be designated for beacon peripherals, such that separation notifications will not be presented for a beacon peripheral if the separation occurs within a location designated as a safe location for the peripheral. A safe location can be a location that has been identified to be a trusted location for the user. For example, a user can designate the home or office of the user or frequently visited locations as safe locations. In some embodiments, an electronic device of the user can infer or determine that a location is a safe location based on the user's daily routine. In one embodiment, wireless connections with beacon peripherals can be dropped while in a safe location to preserve the battery life of the peripheral and companion devices.

One embodiment provides for a non-transitory machine-readable medium storing instructions to cause one or more processors of an electronic device to perform operations comprising establishing a wireless connection with a beacon peripheral; monitoring a connection state of the wireless connection; in response to detecting a loss of connection with the beacon peripheral, posting a separation notification for the beacon peripheral to a notification framework of the electronic device; deferring display of the notification during a reconnect interval; attempting to reconnect with the beacon peripheral during the reconnect interval; and displaying the separation notification via a user interface in response to a failure to reconnect with the beacon peripheral.

One embodiment provides for a non-transitory machine-readable medium storing instructions to cause one or more processors of an electronic device to perform operations comprising establishing a wireless connection with a beacon peripheral; monitoring a connection state of the wireless connection; in response to detecting a loss of connection with the beacon peripheral, determining if the current location of the electronic device is indicated as a safe location for the beacon peripheral; and suppressing display of a separation notification for the beacon peripheral in response to a determination that the current location of the electronic device is a safe location.

The above summary does not include an exhaustive list of all embodiments in this disclosure. All systems and methods can be practiced from all suitable combinations of the various aspects and embodiments summarized above, and also those disclosed in the Detailed Description below.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention is illustrated by way of example and not limitation in the figures of the accompanying drawings in which like references indicate similar elements, and in which:

FIG. 1 is a block diagram of a network operating environment for mobile devices, according to an embodiment;

FIG. 2 illustrates a system to locate a wireless accessory that lacks access to a wide area network, according to an embodiment;

FIG. 3 illustrates a system for pairing and locating a wireless accessory, according to embodiments described herein;

FIG. 4A-4C are flow diagrams illustrating methods for use with the device locator systems described herein;

FIG. 5 is a flow diagram illustrating a method of broadcasting a signal beacon at a wireless accessory, according to an embodiment;

FIG. 6A-6B illustrate operations of a method that can be performed by a finder device, according to embodiments described herein;

FIG. 7 illustrates the gathering of signal and ranging data by a finder device, according to an embodiment;

FIG. 8 illustrates a networked system for locating devices and wireless accessories, according to an embodiment;

FIG. 9A-9C illustrate a device locator user interface, according to an embodiment;

FIG. 10 illustrates an accessory pairing user interface that is displayed when attempting to pair with a lost wireless accessory, according to an embodiment;

FIG. 11 is a block diagram illustrating an exemplary API architecture, which may be used in some embodiments of the invention;

FIG. 12 is a block diagram of a device architecture for a mobile or embedded device, according to an embodiment;

FIG. 13 is a block diagram of a computing system, according to an embodiment;

FIG. 14 illustrates a system for detecting and processing beacon data from wireless accessories;

FIG. 15 illustrates a system to enable separation notices for selected wireless accessories, according to an embodiment; and

FIG. 16A-16D illustrate user interfaces that present separation notifications for a beacon peripheral, according to an embodiment.

DETAILED DESCRIPTION

Embodiments described herein provide techniques to enable secure crowdsourced locator services for lost or misplaced devices that cannot communicate with a wide area network. Various embodiments and aspects will be described with reference to details discussed below, and the accompanying drawings will illustrate the various embodiments. The following description and drawings are illustrative and are not to be construed as limiting. Numerous specific details are described to provide a thorough understanding of various embodiments. However, in certain instances, well-known or conventional details are not described in order to provide a concise discussion of embodiments.

The terminology used in this description is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the description of the invention and the appended claims, the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will also be understood that the term “and/or” as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items. It will be further understood that the terms “comprises” and/or “comprising,” when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.

In the discussion that follows, a computing device that includes a touch-sensitive display is described. It should be understood, however, that the computing device may include one or more other physical user-interface devices. The various applications that may be executed on the device may use at least one common physical user-interface device, such as the touch-sensitive surface. One or more functions of the touch-sensitive surface as well as corresponding information displayed on the device may be adjusted and/or varied from one application to the next and/or within a respective application. In this way, a common physical architecture (such as the touch-sensitive surface) of the device may support the variety of applications with user interfaces that are intuitive and transparent.

Some processes are described below in terms of some sequential operations. However, it should be appreciated that some of the operations described may be performed in a different order. Moreover, some operations may be performed in parallel rather than sequentially.

FIG. 1 is a block diagram of a network operating environment 100 for mobile devices, according to an embodiment. The network operating environment 100 includes multiple mobile devices, such as mobile device 102A and mobile device 102B. The mobile devices 102A-102B can each be any electronic device capable of communicating with a wireless network and one or more wireless accessory devices. Some example mobile devices include but are not limited to a smartphone, a tablet computer, a notebook computer, a wearable computer (e.g., smartwatch or other wearable computing accessory), a mobile media player, a personal digital assistant, and other similar devices. Each of mobile device 102A and mobile device 102B include a user interface, such as user interface 104 of mobile device 102B. Mobile device 102A and mobile device 102B can communicate over one or more wired and/or wireless networks 110 to perform data communication. For example, a wireless network 112 (e.g., cellular network, Wi-Fi network) can communicate with a wide area network 114, such as the Internet, by use of a gateway 116. Likewise, an access device 118, such as a mobile hotspot wireless access device, can provide communication access to the wide area network 114. The gateway 116 and access device 118 can then communicate with the wide area network 114 over a combination of wired and/or wireless networks.

In some implementations, both voice and data communications can be established over the wireless network 112 and/or the access device 118. For example, mobile device 102A can place and receive phone calls (e.g., using VoIP protocols), send and receive e-mail messages (e.g., using POP3 protocol), and retrieve electronic documents and/or streams, such as web pages, photographs, and videos, over the wireless network 112, gateway 116, and wide area network 114 (e.g., using TCP/IP or UDP). In some implementations, mobile device 102A can place and receive phone calls, send and receive e-mail messages, and retrieve electronic documents over the access device 118 and the wide area network 114. In some implementations, mobile device 102A or mobile device 102B can be physically connected to the access device 118 using one or more cables, for example, where the access device 118 is a personal computer. In this configuration, mobile device 102A or mobile device 102B can be referred to as a “tethered” device. In one embodiment, mobile device 102A can communicate with mobile device 102B via a wireless peer-to-peer connection 120. The wireless peer-to-peer connection 120 can be used to synchronize data between the devices.

Mobile device 102A or mobile device 102B can communicate with a service provider 115 that provides or enables one or more services. Exemplary services include a telephony service 130, a messaging service 140, a media service 150, a storage service 160, and a device locator service 170 over the one or more wired and/or wireless networks 110. For example, the telephony service 130 can enable telephonic communication between mobile device 102A and mobile device 102B, or between a mobile device and a wired telephonic device. The telephony service 130 can route voice over IP (VoIP) calls over the wide area network 114 or can access a cellular voice network (e.g., wireless network 112). The messaging service 140 can, for example, provide e-mail and/or other messaging services. The media service 150 can, for example, provide access to media files, such as song files, audio books, movie files, video clips, and other media data. The storage service 160 can provide network storage capabilities to mobile device 102A and mobile device 102B to store documents and media files. The device locator service 170 can enable a user to locate a lost or misplaced device that was, at least at some point, connected to the one or more wired and/or wireless networks 110. For example, mobile device 102A can perform a location query for mobile device 102B. The device locator service 170 can also enable location queries for devices that do not have a network connection via the use of a network of finder devices, as shown below in FIG. 2-3. Other services can also be provided, including a software update service to update operating system software or client software on the mobile devices. In one embodiment, the messaging service 140, media service 150, storage service 160, and device locator service 170 can each be associated with a cloud service provider, where the various services are facilitated via a cloud services account associated with the mobile devices 102A-102B.

FIG. 2 illustrates a system 200 to locate a wireless accessory 201 that lacks access to a wide area network, according to an embodiment. The system 200 can also be used to locate a device that is unable to access a WAN or LAN, and thus cannot transmit the device location. In one embodiment, the wireless accessory 201 includes one or more wireless transceivers and can communicate, either directly or indirectly (e.g., through another device or computer) with a companion device (e.g., mobile device 102) over a wireless network or peer-to-peer communication link. Some examples of wireless accessory devices include but are not limited to wireless earbuds, headphones, headsets and other wearable devices (e.g., smartwatches, fitness bands, optical head-mounted displays). The wireless accessory 201 can also include other wireless devices such as game controllers or remote controls. The wireless accessory 201, in one embodiment, also includes smartphones, tablet computers, laptop computers, smart speaker devices, televisions, or television set top boxes that at least temporarily are unable to access a wide area network, such as the Internet (e.g., wide area network 114 as in FIG. 1). The wireless accessory can also be any other wireless device, including beacons or locator tags that can be attached to other devices or items to enable the tracking or locating of those devices or items. In one embodiment, the wireless accessory 201 can be paired with the mobile device 102 using a wireless technology standard, such as but not limited to Bluetooth. The wireless accessory 201 can also communicate with the mobile device 102 over wireless technologies such as Wi-Fi direct, Zigbee, or other similar technologies. While the companion device to which the wireless accessory 201 is paired is generally referred to as a mobile device 102, companion devices are not limited to mobile devices. Companion devices, in some embodiments, can also include laptop or desktop devices and can additionally include some wearable accessories, such as but not limited to a smart watch device or a wearable display.

In one embodiment, the wireless accessory 201 can periodically transmit a wireless beacon signal. The wireless accessory 201 can transmit the beacon signal using one of a variety of wireless technologies described herein (e.g., Bluetooth, Wi-Fi, etc.) and in one embodiment can also beacon using an ultra-wide band (UWB) radio technology. The beacon signal can be transmitted using a single wireless technology, one of multiple selectable wireless technologies, or multiple simultaneous wireless technologies. The beacon signal can transmit a beacon identifier that includes information to specifically identify the wireless accessory 201. In one embodiment, the beacon identifier is a public encryption key associated with the device.

The beacon signal can also convey information about the wireless accessory 201, such as a beacon type, device classification, battery level. In one embodiment the beacon signal can also convey device status, such as a lost status, alarm status, or a near owner status. The beacon signal can also include information that specifies battery life, charging status, and/or other status information. The lost status can indicate that the wireless accessory 201 has determined itself to be lost or has been placed into a lost state by the owner of the device. The alarm status can indicate that the wireless accessory 201 was placed in a state that the device should trigger an alarm if moved from a current location. The near owner status can indicate that the wireless accessory 201 has detected the nearby presence of the mobile device 102 associated with the owner of the accessory.

The beacon signal can be detected by a finder device 202, which is locally proximate to the wireless accessory 201. The finder device 202 can be a similar device as the mobile device 102 and can receive and transmitting data over a wide area network 114 and receiving and transmitting using similar wireless technologies as the wireless accessory 201 (e.g., Bluetooth, etc.). Particularly, the finder device 202 can receive data using the wireless protocol over which the beacon signal is transmitted. The finder device 202 can determine a location using one or more location and/or positioning services including, but not limited to a satellite positioning service 206 or a terrestrial positioning system using RF signals received from wireless base stations 205 such as Wi-Fi access points or cell tower transmitters of a cellular telephone network. In an embodiment, the finder device 202 periodically stores its location as determined based on the one or more location and/or positioning services. The stored location can be associated with a timestamp for which the location was determined. When the finder device 202 receives a beacon signal from the wireless accessory 201, the finder device 202 can transmit a location for the finder device over the wide area network 114 to a device locator server 203. The timestamp for a determined location for the finder device 202 can be correlated with a timestamp for which a beacon signal was received to associate a geographic location with a received beacon signal. In one embodiment, the wireless accessory 201 includes location determination capability via an integrated satellite positioning service (e.g., GPS) receiver. If the wireless accessory lacks access to a network to send a location to the device locator server 203, the wireless accessory can encode encrypted location data within the beacon signal 301. Finder device 202 can then relay the encrypted location data to the device locator server 203.

Where the wireless accessory 201 provides a public key within the beacon signal, the finder device 202 can encrypt the determined location data and transmit the encrypted location data to the device locator server 203 over the wide area network 114. In one embodiment, additional data can either be encrypted and transmitted along with the location data or transmitted unencrypted to the device locator server 203. For example, a received signal strength indicator (RSSI) for the beacon signal can be transmitted along with the location data. The RSSI data can then be used to determine the distance of the wireless accessory 201 from the finder device 202 and assist in triangulation on the owner device. Where the RSSI data is transmitted in an unencrypted state, in one embodiment the server can use RSSI information to reduce noise by discarding very weak signals if other, stronger signals are present. In one embodiment, UWB ranging data can also be provided, where such data is available.

In one embodiment, the finder device 202 can behave differently upon receiving a beacon signal from a wireless accessory 201 depending upon a device status conveyed by the wireless accessory 201. For standard beacon signals, the finder device 202 can place encrypted location data into a queue and transmit the location data to the device locator server 203 during a periodic transmission window. However, if the wireless accessory 201 is indicating an alarm state, the finder device 202 can transmit the location data to the device locator server 203 immediately. Additionally, the finder device 202 may not transmit the location data to the device locator server 203 if the beacon signal of the wireless accessory 201 indicates that the accessory is near the owner of the accessory. Alternatively, the finder device 202 may delay transmission of encrypted location data.

If the owner of the wireless accessory 201 wishes to locate the wireless accessory, the owner can access a device locator user interface (e.g., device locator UI 204) on the mobile device 102. The device locator UI 204 can be associated with a device locator application that is used to locate electronic devices and accessories that are registered with an online account of the user, such as a cloud services account or another type of online account. The device owner, using the device locator UI 204, can query the device locator server 203 for location data that may have been transmitted to the device locator server by a finder device 202 of the wireless accessory 201. In one embodiment, the mobile device 102 can transmit the public encryption key associated with the wireless accessory 201 to the device locator server 203. The device locator server 203 can then return any stored location data that corresponds with the public encryption key. The location data returned to the mobile device 102 can be encrypted data that is encrypted by the finder device 202 using the public encryption key. The mobile device 102 can use an associated private key to decrypt the encrypted location data. The decrypted location data can then be processed by the mobile device 102 to determine a most probable location for the wireless accessory 201. In various embodiments, the most probable location for the wireless accessory 201 can be determined by triangulation from multiple received locations and using other data, such as a beacon signal RSSI associated with each location and timestamp or UWB ranging data included within the location data.

FIG. 3 illustrates a system 300 for pairing and locating a wireless accessory, according to embodiments described herein. In one embodiment a mobile device 102 of a user of the wireless accessory 201 can present an accessory pairing UI 302 by which the user can pair the mobile device 102 with the wireless accessory 201. During an initial pairing (305) between the mobile device 102 and the wireless accessory, a public key exchange (310) can be performed between the mobile device and the wireless accessory. In one embodiment, during the public key exchange (310) the mobile device 102 and the wireless accessory 201 exchange public keys of public key pairs generated by the device and the accessory. In one embodiment the public key exchange (310) is a one-way transfer, in which the mobile device 102 transmits a public key of a public/private key pair to the wireless accessory 201. Alternatively, or additionally, the public key exchange (310) may be a Diffie-Hellman key exchange in which the device and the accessory establish a shared secret between two parties. In one embodiment, the public key exchange (310) additionally uses elliptic curve cryptography to establish the shared secret. For example, Elliptic-curve Diffie-Hellman (ECDH) can be used to enable the establishment of a public key pair and one or more shared secrets. In one embodiment, the one or more shared secrets include an anti-tracking secret, which can be used by the wireless accessory 201 to periodically derive additional public keys. In one embodiment, instead of using public key cryptography with a broadcasted public key, the wireless accessory can advertise a temporary identity and subsequently use identity-based encryption. With identity-based encryption, the public key is, or is derived from, some unique element of information about the identity of the user, such as an e-mail address. The entity that is to decrypt the encrypted information can obtain the decryption key from a trusted central authority.

After the wireless accessory 201 has been paired with the mobile device 102, the wireless accessory 201 can periodically broadcast a beacon signal 301 that includes device status information and a beacon identifier. In one embodiment the beacon identifier is a public key derived from a shared secret that is established during the public key exchange (310). Additionally, the wireless accessory 201 can periodically perform a public key derivation (315) to generate a new public key and begin broadcasting the new public key as the beacon identifier. The public key is a K-byte key, with a new K-byte key generated or rotated into use every M minutes. The value K and M can vary between embodiments. In one embodiment, a K value of 28 bytes is used. In one embodiment, a K value of 27 bytes is used. The value K can be determined at least in part based on the beacon length associated with the wireless protocol used to transmit the beacon signal 301. In one embodiment, the beacon signal can transmit a variant of beacon advertisement packet associated with a low-energy radio protocol, such as Bluetooth Low Energy.

The value M, in one embodiment, is 15 minutes, such that a new K-byte key is generated every 15 minutes. The public key can be derived deterministically based on a timestamp and an anti-tracking secret generated during the public key exchange 310. The public key derivation (315) process enables the wireless accessory 201 to use different keys over time, preventing the long-term association with a specific key with a specific device. The key can be derived based on an anti-tracking secret known only to the mobile device 102 and the wireless accessory 201, allowing the mobile device 102, and only the mobile device, to determine which public key will be broadcast by the wireless accessory 201 at any given timestamp. The anti-tracking secret can be generated along with an ECDH public key and transferred to the wireless accessory 201. The anti-tracking secret can then be used to enable the wireless accessory 201 to generate a sequence of public keys P_(i). In one embodiment, the sequence of public keys P_(i)=λ_(i)·P, which defines a group operation between a scalar or exponent value λ_(i) and group elements, such as, for example, Elliptic Curve points P. The scalar or exponent value λ=KDF(AT, i), where KDF is a key derivation function, AT is the anti-tracking secret, and i is a counter or timestamp.

In one embodiment, backtracking resistance can be enabled to protect the anti-tracking secret in the event the wireless accessory 201 is compromised. When backtracking resistance is enabled, the anti-tracking secret is transferred to the wireless accessory 201 but is not retained by the wireless accessory. Instead, the accessory computes a value λ_(i+i)=H(λ_(i)∥time), with λ₀=AT and H being a cryptographic hash function. The wireless accessory 201 then stores λ_(i) for a given time period i. If the wireless accessory 201 is compromised, only λ_(i) for current and future values of i is exposed, without exposing the anti-tracking secret AT. In one embodiment, backtracking resistance is performed by periodically writing λ_(i) to non-volatile memory of the wireless accessory 201. This approach is one of several that may be used. In various embodiments, other key security techniques may also be used. For example, a key generation and diversification technique as described below with respect to FIG. 15-16 may be used in one embodiment.

In one embodiment the wireless accessory 201 can transmit the beacon signal 301 every two seconds, although other beacon rates can be used, and the beacon rate can vary under certain circumstances. For example, the wireless accessory 201 can decrease a beacon rate when in a near owner state. Beacon rate can also vary based on accelerometer triggered events. For example, the wireless accessory 201 can increase the beacon rate when in an alarm state, which can be triggered by the accelerometer on the wireless accessory 201.

The wireless accessory 201 can enter the near owner state if, after transmitting the beacon signal 301, the wireless accessory 201 receives a reply from the mobile device 102 associated with the user of the accessory, which indicates that the mobile device 102 is within range of the wireless accessory. Additionally, while the wireless accessory is in the near owner state, the amount of data transmitted by the beacon signal 301 may be reduced, for example, as shown in FIG. 25B. In one embodiment, the advertisement rate of the wireless accessory 201 may be reduced while wireless accessory is in the near owner state.

The wireless accessory 201 can enter an alarm state upon receiving a message from the mobile device 102 that indicates that the wireless accessory 201 should enter the alarm state. When in the alarm state, the wireless accessory can initially enter an armed state in which the wireless accessory 201 can reduce or cease the transmission of locator beacon signals, although other types of wireless signaling can persist. The wireless accessory 201 can remain in the armed state until the state is deactivated by the mobile device 102 or alarm is triggered. The alarm can be triggered, in one embodiment, upon detection of movement, for example, via an accelerometer within the wireless accessory 201. The alarm can also be triggered, in one embodiment, upon detection that the wireless accessory has moved out of range of the mobile device and is no longer in the near owner state. When the alarm is triggered, the rate at which the beacon signal 301 can be increased, to increase the speed by which the wireless accessory 201 can be located.

The beacon signal 301 transmitted by the wireless accessory 201 can be detected by a set of finder devices 303, which are other electronic devices that can receive the beacon signal transmitted by the wireless accessory and are transmit location and other data associated with the beacon signal 301 to the device locator server 203 via the wide area network 114. In one embodiment the set of finder devices 303 include variants of the mobile device 102 or can be other types of electronic devices. The set of finder devices 303 can include a variant of the finder device 202 of FIG. 2 and can determine similar location determination techniques. For example, the set of finder devices can perform operations (320) to correlate the beacon signal 301 received from the wireless accessory 201 with a device location associated with the finder device. As described with respect to FIG. 2, the device location can be determined via a satellite positioning service or a terrestrial positioning system that uses RF signals received from wireless base stations (e.g., Wi-Fi access points or cell tower transmitters). In one embodiment the set of finder devices 303 can also include stationary devices such as smart speaker devices, televisions, or television set top boxes that can receive the beacon signal 301.

The set of finder devices 303 can encrypt the location data with the beacon identifier (e.g., public key) received within the beacon signal 301 and send the location data (325) to the device locator server 203. The data sent by the set of finder devices 303 is sent anonymously and no identifying information for the finder devices is stored with the data sent by the finder devices.

The device locator server 203 can store encrypted location data in a data store 304, which in one embodiment can be a distributed database having multiple nodes. Hashes of the beacon identifier/public key of an accessory can be sent along with encrypted location data. The encrypted location data can be stored to a database node based on a hash of the beacon identifier. The encrypted location data can be indexed by the device locator server 203 using the hash of the beacon identifier. Sending the hash of the beacon identifier instead of the full beacon identifier prevents the storage of the full beacon identifier to the server. Other information can also be sent and stored with the location data, either in an encrypted or unencrypted state. The other information can include timestamps for when the beacon signal 301 was received, RSSI information for the received beacon, and/or ranging information determined, for example, via UWB ranging.

When the user or owner of the wireless accessory 201 wishes to locate the accessory, the user or owner can access the device locator UI 204 on the mobile device 102. The device locator UI 204 can be associated with a device locator application or feature of the mobile device 102. The device locator UI 204 may also have a web-based interface that can be accessed from the mobile device 102 or another type of electronic device, such as a laptop or desktop device. The mobile device 102, upon loading the device locator UI 204, can send a request (330) for location data to the device locator server 203. The request 330 can include a set of public key hashes, which can serve as beacon identifiers for the beacon data. The mobile device 102 can generate the set of public keys based on the secret information held by the mobile device 102 and the wireless accessory 201 and the timestamps over which the mobile device 102 wishes to receive location data. In one embodiment the set of public keys is the sequence of public keys P_(i) that are generated based on the anti-tracking secret. The sequence of public keys P_(i) corresponds to a matching sequence of private keys d_(i). The mobile device 102 can generate the sequence of public keys, as well as the corresponding sequence of public keys d_(i), where i is a counter or timestamp. In one embodiment, the mobile device 102 can generate and send hashes for the previous 24 hours of public keys within the request 330. If no data is found for 24 hours of public keys, the mobile device 102 can send hashed keys for an earlier period, back to a pre-determined location data retention limit.

The encrypted location data is stored and indexed based on a hash of the public key instead of the public key to prevent the provider of the location service data from storing data that can be used to tie the encrypted location data to a specific device, and thus a specific user or user account. The finder device sends the hash of the public key that is broadcast within the beacon signal 301 associated with an observation location. The owner of the device can query the device locator server 203 using a hash of the public key that is determined for a query period.

In some embodiments, if a location query is to be performed via the web-based interface from an electronic device, such as a laptop or desktop device, keys to enable the decryption of the location data may be required to be sent to the electronic device. In one embodiment, decryption keys for the location data may be sent to the server that provides the web-based interface to enable the server to decrypt location data, at least while the location data is being viewed through the web-based interface. Before location data is displayed via the web-based interface, a notice may be presented to inform the user that location decryption keys are being temporarily shared with the web-based interface server to enable location data to be decrypted and presented. In one embodiment, the sharing of the location decryption keys can be performed via an automatic and temporarily delegation of location query rights with a proxy account associated with the web-based interface.

In one embodiment, the wireless accessory 201 can be placed in a light lost mode. In the light lost mode, a set of future public keys can be generated for the wireless accessory and hashes of those public keys can be transmitted to the device locator server 203. The device locator server 203 can then notify the mobile device 102 if any location data is received that correspond with a key in the set of future public keys. In one embodiment, a finder device that sends a location for a wireless accessory that is in the light lost mode can be directed by the device locator server 203 to relay a message to the wireless accessory 201 that notifies the wireless accessory that it is in the light lost mode. A similar mechanism can be used to relay a message to the wireless accessory 201 that places the accessory in an explicit lost mode. The explicit lost mode can be enabled by the user via the device locator UI 204. In the explicit lost mode, the wireless accessory 201 cannot be paired with another device unless unlocked by the owner.

FIG. 4A-4C are flow diagrams illustrating methods for use with the device locator systems described herein. FIG. 4A illustrates a method 400 to pair a mobile device with a wireless accessory. FIG. 4B illustrates a method 410 to determine a location for a wireless accessory via a device locator server. FIG. 4C illustrates an additional method 420 to determine a location for a wireless accessory via a device locator server. Aspects of method 400, 410, and 420 are also illustrated in FIG. 2 and FIG. 3, as described above. For example, the description of the operations below refers to the mobile device 102, wireless accessory 201 and device locator server 203.

As shown in FIG. 4A, method 400 includes an operation (block 401) that performs an initial pairing with a wireless accessory. The initial pairing can be a Bluetooth pairing or another type of pairing using other wireless radio technologies. During the initial pairing, the mobile device and the wireless accessory can exchange identifiers, passkeys, or other credentials that enables a wireless data exchange to be performed between a mobile or another electronic device and the wireless accessory. On one embodiment the initial paring with the wireless accessory can include the exchange of credentials associated with the wireless protocol for which the pairing is performed, allowing all data exchanged wirelessly to have at least a first layer of encryption.

The mobile device can then generate a public/private key pair and one or more additional shared secrets (block 402). The device can then send the public key and one or more additional shared secrets to the wireless accessory (block 403). A variety of key generation techniques can be used. In one embodiment, a variant of ECDH is used to generate a public key pair for encryption. In one embodiment, the one or more additional shared secrets can include an anti-tracking secret that enables the wireless accessory to derive a new public key based on an existing public key.

After generating the public/private keypair and one or more additional shared secrets, the mobile device can store public/private key pair to a keystore (block 404). In one embodiment the keystore is a cloud-based keystore that can be synchronized with other devices associated with the same cloud services account, or family of cloud services accounts, to which the mobile device and wireless accessory are associated. The cloud-based keystore allows the wireless accessory to be located by other synchronized devices. The mobile device can then register the wireless accessory with a device management server (block 405). Registering the wireless accessory with the device management server can form an association between the wireless accessory and the cloud services account to which the mobile device is associated. The device management server can be associated with other cloud-based servers that are used to facilitate cloud-based services accessible to the mobile device, such as the device locator server 203 of FIG. 2 and FIG. 3.

As shown in FIG. 4B, method 410 includes an operation in which an electronic device launches a device locator UI (block 411). In response to launching the device locator UI, the electronic device, which can be a mobile device as described herein, or another electronic device associated with the same cloud services account as the mobile electronic device, can perform an operation to generate a set of public keys that were included within a beacon signal broadcast by a wireless accessory during a first period (block 412). The first period can be, for example, a previous 24 hours. The electronic device is aware of how often the wireless accessory is to generate or rotate to new public keys and, using a shared secret generated with the wireless accessory, can generate a set of public keys that correspond with the keys that were generated by the wireless accessory over the first period. The electronic device can then send the set of public keys within a request for the device locator server to send location data that corresponds with the set of public keys (block 413). In one embodiment, location data sent by the server in response to the request will be encrypted using the public key transmitted as the beacon identifier of the wireless accessory. The electronic device can decrypt the encrypted location data received by the server using the private key generated during the initial pairing with the wireless accessory (block 414). The electronic device can then process the location data to determine the highest probability location for the wireless accessory (block 415).

Processing the location data can include a variety of different operations. In one embodiment the location data includes latitude and longitude information along with a timestamp for which the location was determined. The electronic device can triangulate based on the timestamps and remove noise or outlier locations. In one embodiment the location data specifies the location of the finder device that detected the beacon. The location data can additionally include UWB ranging information and/or RSSI information for the beacon detected by the finder device. The electronic device can analyze the UWB ranging information and/or RSSI information in context with the device locations to develop a more accurate location for the wireless accessory. Data that can be transmitted by a finder device and used for location processing is shown in FIG. 10 and described below.

As shown in FIG. 4C, method 420 includes operations that can be performed if the device locator server does not have location data to provide to the electronic device in response to a request. The electronic device can generate a first set of public keys that were included within a beacon signal broadcast by wireless accessory during a first period (block 421). The first period can be, for example, 24 hours, although other initial search periods can be used. The electronic device can perform a subsequent operation to request the device locator server to send location data that corresponds with first set of public keys (block 422). If the data is returned by the server (block 423, “yes”), the electronic device can decrypt the location data received from the server using the private key that corresponds with the set of public keys (block 429).

If data is not returned by the server (block 423, “no”) the electronic device can generate a second set of public keys that were included within a beacon signal broadcast by the wireless accessory during a second period (block 424). The second period can be the 24, 48, or another number of hours before the first period. The electronic device can then request for the device locator server to send data that corresponds with the second set of public keys (block 425). If, in response to the request, data is returned by the server (block 426, “yes”), method 420 can proceed to block 429, in which the electronic device decrypts the received data. If data is not returned by the server (block 426, “no”), or the server sends a reply that indicates data is not available, method 420 includes for the electronic device can widen the search time by requesting successively older time periods until the max period is reached (block 427).

FIG. 5 is a flow diagram illustrating a method 500 of broadcasting a signal beacon at a wireless accessory, according to an embodiment. Aspects of method 500 are also illustrated in FIG. 2 and FIG. 3. Method 500 includes for the wireless accessory to derive a public key (block 502). The public key can be derived based on a shared secret and a timestamp determined based on a clock or time keeping device of the wireless accessory. The wireless accessory can then transmit a beacon signal at a first transmission interval, where the beacon signal includes the public key (block 503). The first transmission interval can vary, and in one embodiment is one beacon every two seconds.

After transmitting a beacon signal, the wireless accessory can listen for a response from the owner device. If the wireless signal receives a response from the owner device (block 504, “yes”), the wireless accessory can enter a near owner state (block 505) and begin to transmit the beacon signal at a second, slower transmission interval (block 507). If the wireless accessory does not receive a response from the owner device (block 504, “no”), the wireless accessory can continue beaconing at the first transmission interval (block 506).

Method 500 additionally includes for the wireless device, while beaconing, to rotate the public key every M minutes, where the value of M can vary across embodiments and/or based on the device state. Based on a timer expiration, counter, or another mechanism, the wireless accessory can determine whether the accessory has entered a new key period (block 508). While the wireless accessory has not entered a new key period (block 508, “no”), the accessory can continue beaconing using the current public key (block 510). When the wireless accessory detects that it has entered a new key period (block 508, “yes”) the accessory can derive a new public key using the current timestamp (block 509). In one embodiment the new public key can be derived using an existing public key, a timestamp, and an anti-tracking secret.

FIG. 6A-6B illustrate operations of a method 600 that can be performed by a finder device, according to embodiments described herein. Aspects of method 600 are also illustrated in FIG. 2 and FIG. 3.

As shown in FIG. 6A, method 600 includes for the finder device to perform a periodic beacon scan using a wireless baseband processor while an application processor of the finder device is in a low power mode (block 601). While the beacon scan can also be performed when the application processor is active, beacon scans can be performed by the wireless processor and a wireless radio receiver as a low power operation while the finder device is idle, inactive, or otherwise in a low power state. The finder device can store a timestamp and a beacon identifier to a beacon scan buffer for any beacon data received by the finder device (block 602). The beacon identifier, in one embodiment, is a public key that is generated by the wireless device based on a timestamp and a shared secret generated with the mobile device of the owner.

Method 600 additionally includes for the finder device to perform periodic Wi-Fi scans using the wireless processor while application processor is in a low power mode (block 603). While the Wi-Fi scans can also be performed when the application processor is active, Wi-Fi scans can be performed by the wireless processor and a wireless radio receiver as a low power operation while the finder device is idle, inactive, or otherwise in a low power state. The finder device can then store Wi-Fi service set identifiers (SSIDs) and scan timestamps to a Wi-Fi scan buffer on the finder device (block 604).

In one embodiment, the Wi-Fi scan buffer is a rolling buffer that stores the most recently detected SSIDs, while overwriting older detected SSIDs. In one embodiment the beacon scan buffer can be a fixed-size buffer having space for a pre-determined number of entries. The finder device can wake the application processor when the beacon scan buffer becomes full (block 605) and correlate those beacon scan with the most recently detected SSIDs in the Wi-Fi scan buffer. That correlation can enable the finder device to determine a set of device locations that correspond with received beacons based on Wi-Fi scan buffer data (block 606).

Method 600 continues in FIG. 6B and includes for the finder device to correlate device locations from the Wi-Fi scan buffer data with other location data if other location data is available (block 607), to generate refined device locations. If refined device locations are generated, the finder device can optionally combine the beacon data with refined device locations (block 608). The finder device can also add signal strength (RSSI) or ranging data to the location data (block 609). The signal strength and ranging data (e.g., UWB ranging data) can be gathered when the beacon signal is received by the finder device. The finder device can then encrypt the location data with one or more public keys received within the beacon data (block 610). The signal and ranging data may be encrypted along with the location data or can be send unencrypted along with the encrypted location data. The finder device can enqueue encrypted location data for transmission to the device locator server (block 611). The device locator server can be one of multiple cloud services servers to which communication is generally performed in a batched and throttled manner. A batch of encrypted data can be gathered and placed in the transmission queue until a transmit interval arrives, during which the finder device can transmit data to the cloud services servers (block 612). The encrypted data can be sent along with hashes of the beacon identifiers that correspond with the encrypted locations.

FIG. 7 illustrates the gathering of signal and ranging data by a finder device, according to an embodiment. In one embodiment, the finder device 202 can gather signal strength information (e.g., RSSI 704A-704N) for a beacon signal 301 received from the wireless accessory 201 across multiple locations 702A-702N. The finder device 202 can also represent multiple finder devices, such as the set of finder devices 303 in FIG. 3, where each finder device detects the beacon signal at a different location. Each finder device 202 can send different locations and signal strengths and the location and signal strength data received from the multiple finder devices will be aggregated by the device locator server. In one embodiment, where a finder device and the wireless device each include UWB radios, UWB ranging 706 can be performed if the finder device and the wireless device are within range of UWB transmissions. UWB ranging and signal strength data can be transmitted along with location data for the finder devices to the device locator server.

The owner device can retrieve the RSSI or UWB information from the device locator server along with location data, which in one embodiment is provided the form of latitude and longitude information, along with timestamps for which the locations were determined. The owner device can then use the location data, timestamps, and signal information to triangulate a most probable location for the wireless accessory 201.

FIG. 8 illustrates a networked system 800 for locating devices and wireless accessories, according to an embodiment. The system 800 also illustrates an exemplary server architecture for the device locator server 203, according to an embodiment. In one embodiment the device locator server 203 is a cluster of interconnected server devices, which may be physical or virtual servers within a single datacenter or distributed across multiple datacenters and/or geographic locations. As described above, the device locator server 203 can communicate with a mobile device 102 of an accessory owner or user and the set of finder devices 303 over a wide area network 114. The mobile device 102 includes a UI provided by a local or web application that enables the location of a wireless accessory and the finder devices 303 receive beacon signals from wireless accessories and transmits location data associated with the received signals to the device locator server 203.

In one embodiment the device locator server 203 includes a locator service front-end 803, an account database 825, a database cluster manager 813, and a set of database cluster nodes 823A-823C. The locator service front-end 803 is a front-end interface to which the mobile device 102 and the set of finder devices 303 can communicate. The account database 825 stores account profile data for accounts of a cloud service provider to which the mobile device 102 and the finder devices 303 are associated. The database cluster manager 813 can configure the database cluster nodes 823A-823C as a distributed location database that can store location, signal, and ranging data in association with beacon identifiers for signal beacons received by the set of finder devices 303.

In one embodiment, the account database 825 can contain a list of devices that are associated with each cloud services account. In response to a request to locate a given device, including a wireless accessory as described herein, the account database 825 can verify that the request is coming from a device that is authorized to request the location of the given device. In one embodiment, when a user launches a device locator UI and communicates with the locator service front-end 803, the locator service front-end can communicate with the account database 825 and provide a current or last known location for each device that is associated with a requesting user, including devices and/or wireless accessories associated with other users that are in a family of accounts associated with the requesting user.

In one embodiment, the database cluster manager 813 can select a database cluster node 823A-823C to which beacon data is to be stored by hashing the beacon ID associated with a set of location data. Each database cluster node 823A-823C can be associated with a range of hash values. The database cluster manager can then store location data to the cluster node that corresponds with the range of hash values associated with the hash of a given beacon ID. Although three database cluster nodes are illustrated, embodiments are not limited to any specific number of nodes and greater or fewer nodes may be used.

FIG. 9A-9C illustrate a device locator UI 204, according to an embodiment. FIG. 9A shows a first graphical user interface of the device locator UI 204, according to an embodiment, which shows a location for various electronic devices and wireless accessories of a user. FIG. 9B shows a second graphical user interface of the device locator UI 204, according to an embodiment, which enables a wireless accessory to be set to an alarm mode. FIG. 9C shows a third graphical user interface of the device locator UI 204, according to an embodiment, which enables a wireless accessory to be set to a lost mode.

As shown in FIG. 9A, the device locator UI 204 can be displayed on an electronic device 900, which can be a mobile device, or any other type of electronic device described herein. The device locator UI 204 can present a unified graphical interface through which multiple different types of devices and accessories can be located, including wireless devices with network or cellular access and wireless accessories without native network access. The device locator UI 204 can include a map 901 with a marker 902 that shows the current or last known location of a wireless device or accessory. The marker 902 can be an icon, image, graphic or any other user interface element that identifies the accessory and conveys a location for the accessory. A selectable element 903 in the device locator UI can present a description or name of the wireless device or accessory and can show an estimated distance between the wireless device or accessory and the current location of the electronic device 900.

As shown in FIG. 9B, the device locator UI 204 can present a second user interface that enables a wireless accessory to be set to an alarm mode. The second user interface can be displayed, in one embodiment, in response to the selection of the selectable element 903 shown in FIG. 9A. The second user interface can present a user interface element 904 that represents and/or describes the wireless accessory in question, as well as the map 901 and marker 902 that show the current or last known location of the wireless accessory. In one embodiment, the device locator UI 204 can present a selectable element 905, such as a button or another user interface element, that allows a user of the device locator UI 204 to place a selected wireless accessory into an alarm mode. While in the alarm mode, the wireless accessory can be configured to trigger a notification to the user if the wireless accessory is moved from its current location.

In one embodiment the wireless accessory can detect movement via an accelerometer or another type of motion sensor within the wireless accessory. The notification can be initiated by the wireless accessory by setting a flag in the data packet transmitted by the beacon signal of the wireless accessory that indicates the wireless accessory alarm has been triggered. In various embodiments, other trigger or notification modes can be used. In one embodiment, the alarm can optionally be triggered by the mobile device upon detection that the wireless accessory has moved out of range of the mobile device and is no longer in the near owner state. In one embodiment, the alarm can optionally be triggered when the wireless accessory is out of range of, or otherwise cannot be located by, any of the devices associated with the account or family of user accounts to which the wireless accessory is associated.

As shown in FIG. 9C, the device locator UI 204 can present a third graphical user interface that enables a wireless accessory to be set to a lost mode. In one embodiment, when a wireless accessory cannot be located via the device locator UI 204, the map 901 will not display a marker that indicates a location for the accessory. The device locator UI 204 can present the user interface element 904 that represents and/or describes the wireless accessory in question and a set of selectable user interface elements. One selectable user interface element 906 can present the option to notify the user when the accessory is found. When notify when found is enabled, in one embodiment the wireless accessory can be placed into a light lost mode. The electronic device associated with the device locator UI 204 can generate a set of public keys that the wireless accessory will broadcast with the beacon signal during a future time period (e.g., next 24 hours, next 48 hours, etc.). If a signal is detected by a finder device using one of the future keys, the device locator server can notify one or more electronic devices associated with the user.

Another selectable user interface element 907 can place the wireless accessory into an explicit lost mode. When explicitly placed into lost mode, the wireless accessory will be unable to be paired with other devices until the accessory is unlocked by the user or owner that places the device into lost mode. When sending a request to place a wireless accessory into lost mode, the requesting user can be required to enter authenticating information to ensure that the requesting user is authorized to request that lost mode be initiated on the lost accessory. The authenticating information can include a username or password associated with an account of a user, such as a cloud services account to which the user, electronic device, and wireless accessory are associated. The authenticating information can also include biometric information, such as a fingerprint or facial recognition data, voice recognition, iris recognition, and other biometric identification information.

In one embodiment, a message and contact information provided by the requesting user can be displayed on the user device to alert a person who finds the lost wireless accessory on how to contact the requesting user. In one embodiment, the message and contact information can be displayed when another user attempts to pair another electronic device with the lost accessory.

FIG. 10 illustrates an accessory pairing UI 302 that is displayed when attempting to pair with a lost wireless accessory, according to an embodiment. In one embodiment, when an electronic device 1000 that is different from the electronic device 900 of FIG. 9A and is not associated with the registered user or owner of a wireless accessory attempts to pair with a lost wireless accessory, the accessory pairing UI of the electronic device can be displayed as shown in FIG. 10. In one embodiment, the accessory pairing UI 302 can display a name or description 1001 associated with the wireless accessory, as well as a message 1002 entered by the user of the accessory upon placing the accessory into lost mode. Contact information 1004 can also be displayed, along with a user interface element 1006, such as a button, that enables the electronic device 1000 to contact the requesting user by using the provided contact information 1004.

Embodiments described herein include one or more application programming interfaces (APIs) in an environment in which calling program code interacts with other program code that is called through one or more programming interfaces. Various function calls, messages, or other types of invocations, which further may include various kinds of parameters, can be transferred via the APIs between the calling program and the code being called. In addition, an API may provide the calling program code the ability to use data types or classes defined in the API and implemented in the called program code.

An API allows a developer of an API-calling component (which may be a third-party developer) to leverage specified features provided by an API-implementing component. There may be one API-calling component or there may be more than one such component. An API can be a source code interface that a computer system or program library provides to support requests for services from an application. An operating system (OS) can have multiple APIs to allow applications running on the OS to call one or more of those APIs, and a service (such as a program library) can have multiple APIs to allow an application that uses the service to call one or more of those APIs. An API can be specified in terms of a programming language that can be interpreted or compiled when an application is built.

In some embodiments, the API-implementing component may provide more than one API, each providing a different view of or with different aspects that access different aspects of the functionality implemented by the API-implementing component. For example, one API of an API-implementing component can provide a first set of functions and can be exposed to third party developers, and another API of the API-implementing component can be hidden (not exposed) and provide a subset of the first set of functions and also provide another set of functions, such as testing or debugging functions which are not in the first set of functions. In other embodiments, the API-implementing component may itself call one or more other components via an underlying API and thus be both an API-calling component and an API-implementing component.

An API defines the language and parameters that API-calling components use when accessing and using specified features of the API-implementing component. For example, an API-calling component accesses the specified features of the API-implementing component through one or more API calls or invocations (embodied for example by function or method calls) exposed by the API and passes data and control information using parameters via the API calls or invocations. The API-implementing component may return a value through the API in response to an API call from an API-calling component. While the API defines the syntax and result of an API call (e.g., how to invoke the API call and what the API call does), the API may not reveal how the API call accomplishes the function specified by the API call. Various API calls are transferred via the one or more application programming interfaces between the calling (API-calling component) and an API-implementing component. Transferring the API calls may include issuing, initiating, invoking, calling, receiving, returning, or responding to the function calls or messages; in other words, transferring can describe actions by either of the API-calling component or the API-implementing component. The function calls or other invocations of the API may send or receive one or more parameters through a parameter list or other structure. A parameter can be a constant, key, data structure, object, object class, variable, data type, pointer, array, list or a pointer to a function or method or another way to reference a data or other item to be passed via the API.

Furthermore, data types or classes may be provided by the API and implemented by the API-implementing component. Thus, the API-calling component may declare variables, use pointers to, use or instantiate constant values of such types or classes by using definitions provided in the API.

Generally, an API can be used to access a service or data provided by the API-implementing component or to initiate performance of an operation or computation provided by the API-implementing component. By way of example, the API-implementing component and the API-calling component may each be any one of an operating system, a library, a device driver, an API, an application program, or other module (it should be understood that the API-implementing component and the API-calling component may be the same or different type of module from each other). API-implementing components may in some cases be embodied at least in part in firmware, microcode, or other hardware logic. In some embodiments, an API may allow a client program to use the services provided by a Software Development Kit (SDK) library. In other embodiments, an application or other client program may use an API provided by an Application Framework. In these embodiments, the application or client program may incorporate calls to functions or methods provided by the SDK and provided by the API or use data types or objects defined in the SDK and provided by the API. An Application Framework may in these embodiments provide a main event loop for a program that responds to various events defined by the Framework. The API allows the application to specify the events and the responses to the events using the Application Framework. In some implementations, an API call can report to an application the capabilities or state of a hardware device, including those related to aspects such as input capabilities and state, output capabilities and state, processing capability, power state, storage capacity and state, communications capability, etc., and the API may be implemented in part by firmware, microcode, or other low-level logic that executes in part on the hardware component.

The API-calling component may be a local component (i.e., on the same data processing system as the API-implementing component) or a remote component (i.e., on a different data processing system from the API-implementing component) that communicates with the API-implementing component through the API over a network. It should be understood that an API-implementing component may also act as an API-calling component (i.e., it may make API calls to an API exposed by a different API-implementing component) and an API-calling component may also act as an API-implementing component by implementing an API that is exposed to a different API-calling component.

The API may allow multiple API-calling components written in different programming languages to communicate with the API-implementing component (thus the API may include features for translating calls and returns between the API-implementing component and the API-calling component); however, the API may be implemented in terms of a specific programming language. An API-calling component can, in one embedment, call APIs from different providers such as a set of APIs from an OS provider and another set of APIs from a plug-in provider and another set of APIs from another provider (e.g., the provider of a software library) or creator of another set of APIs.

FIG. 11 is a block diagram illustrating an exemplary API architecture, which may be used in some embodiments of the invention. As shown in FIG. 11, the API architecture 1100 includes the API-implementing component 1110 (e.g., an operating system, a library, a device driver, an API, an application program, software or other module) that implements the API 1120. The API 1120 specifies one or more functions, methods, classes, objects, protocols, data structures, formats and/or other features of the API-implementing component that may be used by the API-calling component 1130. The API 1120 can specify at least one calling convention that specifies how a function in the API-implementing component receives parameters from the API-calling component and how the function returns a result to the API-calling component. The API-calling component 1130 (e.g., an operating system, a library, a device driver, an API, an application program, software or other module), makes API calls through the API 1120 to access and use the features of the API-implementing component 1110 that are specified by the API 1120. The API-implementing component 1110 may return a value through the API 1120 to the API-calling component 1130 in response to an API call.

It will be appreciated that the API-implementing component 1110 may include additional functions, methods, classes, data structures, and/or other features that are not specified through the API 1120 and are not available to the API-calling component 1130. It should be understood that the API-calling component 1130 may be on the same system as the API-implementing component 1110 or may be located remotely and accesses the API-implementing component 1110 using the API 1120 over a network. While FIG. 11 illustrates a single instance of the API-calling component 1130 interacting with the API 1120, it should be understood that other API-calling components, which may be written in different languages (or the same language) than the API-calling component 1130, may use the API 1120.

The API-implementing component 1110, the API 1120, and the API-calling component 1130 may be stored in a machine-readable medium, which includes any mechanism for storing information in a form readable by a machine (e.g., a computer or other data processing system). For example, a machine-readable medium includes magnetic disks, optical disks, random-access memory; read only memory, flash memory devices, etc.

FIG. 12 is a block diagram of a device architecture 1200 for a mobile or embedded device, according to an embodiment. The device architecture 1200 includes a memory interface 1202, one or more processors 1204 (e.g., data processors, image processors and/or graphics processors), and a peripherals interface 1206. The various components can be coupled by one or more communication buses or signal lines. The various components can be separate logical components or devices or can be integrated in one or more integrated circuits, such as in a system on a chip integrated circuit.

The memory interface 1202 can be coupled to memory 1250, which can include high-speed random-access memory such as static random-access memory (SRAM) or dynamic random-access memory (DRAM) and/or non-volatile memory, such as but not limited to flash memory (e.g., NAND flash, NOR flash, etc.).

Sensors, devices, and subsystems can be coupled to the peripherals interface 1206 to facilitate multiple functionalities. For example, a set of sensors 1210 including a motion sensor 1211, a light sensor 1212, and a proximity sensor 1214 can be coupled to the peripherals interface 1206 to facilitate the mobile device functionality. One or more biometric sensor(s) 1215 may also be present, such as a fingerprint scanner for fingerprint recognition or an image sensor for facial recognition. Other sensors 1216 can also be connected to the peripherals interface 1206, such as a positioning system (e.g., GPS receiver), a temperature sensor, or other sensing device, to facilitate related functionalities.

The device architecture 1200 additionally includes an audio/video system 1220. A camera subsystem 1221 and an optical sensor 1222, e.g., a charged coupled device (CCD) or a complementary metal-oxide semiconductor (CMOS) optical sensor, can be utilized to facilitate camera functions, such as recording photographs and video clips. An audio subsystem 1226 can be coupled to a speaker 1228 and a microphone 1230 to facilitate voice-enabled functions, such as voice recognition, voice replication, digital recording, and telephony functions. In smart media devices described herein, the audio subsystem 1226 can be a high-quality audio system including support for virtual surround sound.

Communication functions can be facilitated through one or more wireless communication subsystems 1224, which can include radio frequency receivers and transmitters and/or optical (e.g., infrared) receivers and transmitters. The specific design and implementation of the wireless communication subsystems 1224 can depend on the communication network(s) over which a mobile device is intended to operate. For example, a mobile device including the illustrated device architecture 1200 can include wireless communication subsystems 1224 designed to operate over a GSM network, a CDMA network, an LTE network, a Wi-Fi network, a Bluetooth network, or any other wireless network. In particular, the wireless communication subsystems 1224 can provide a communications mechanism over which a media playback application can retrieve resources from a remote media server or scheduled events from a remote calendar or event server.

The I/O subsystem 1240 can include a touchscreen controller 1242 and/or other input controller(s) 1245. For computing devices including a display device, the touchscreen controller 1242 can be coupled to a touch sensitive display system 1246 (e.g., touchscreen). The touch sensitive display system 1246 and touchscreen controller 1242 can, for example, detect contact and movement and/or pressure using any of a plurality of touch and pressure sensing technologies, including but not limited to capacitive, resistive, infrared, and surface acoustic wave technologies, as well as other proximity sensor arrays or other elements for determining one or more points of contact with a touch sensitive display system 1246. Display output for the touch sensitive display system 1246 can be generated by a display controller 1243. In one embodiment, the display controller 1243 can provide frame data to the touch sensitive display system 1246 at a variable frame rate.

In one embodiment, a sensor controller 1244 is included to monitor, control, and/or processes data received from one or more of the motion sensor 1211, light sensor 1212, proximity sensor 1214, or other sensors 1216. The sensor controller 1244 can include logic to interpret sensor data to determine the occurrence of one of more motion events or activities by analysis of the sensor data from the sensors.

In one embodiment, the I/O subsystem 1240 includes other input controller(s) 1245 that can be coupled to other input/control devices 1248, such as one or more buttons, rocker switches, thumb-wheel, infrared port, USB port, and/or a pointer device such as a stylus, or control devices such as an up/down button for volume control of the speaker 1228 and/or the microphone 1230.

In one embodiment, the memory 1250 coupled to the memory interface 1202 can store instructions for an operating system 1252, including portable operating system interface (POSIX) compliant and non-compliant operating system or an embedded operating system. The operating system 1252 may include instructions for handling basic system services and for performing hardware dependent tasks. In some implementations, the operating system 1252 can be a kernel.

The memory 1250 can also store communication instructions 1254 to facilitate communicating with one or more additional devices, one or more computers and/or one or more servers, for example, to retrieve web resources from remote web servers. The memory 1250 can also include user interface instructions 1256, including graphical user interface instructions to facilitate graphic user interface processing.

Additionally, the memory 1250 can store sensor processing instructions 1258 to facilitate sensor-related processing and functions; telephony instructions 1260 to facilitate telephone-related processes and functions; messaging instructions 1262 to facilitate electronic-messaging related processes and functions; web browser instructions 1264 to facilitate web browsing-related processes and functions; media processing instructions 1266 to facilitate media processing-related processes and functions; location services instructions including GPS and/or navigation instructions 1268 and Wi-Fi based location instructions to facilitate location based functionality; camera instructions 1270 to facilitate camera-related processes and functions; and/or other software instructions 1272 to facilitate other processes and functions, e.g., security processes and functions, and processes and functions related to the systems. The memory 1250 may also store other software instructions such as web video instructions to facilitate web video-related processes and functions; and/or web shopping instructions to facilitate web shopping-related processes and functions. In some implementations, the media processing instructions 1266 are divided into audio processing instructions and video processing instructions to facilitate audio processing-related processes and functions and video processing-related processes and functions, respectively. A mobile equipment identifier, such as an International Mobile Equipment Identity (IMEI) 1274 or a similar hardware identifier can also be stored in memory 1250.

Each of the above identified instructions and applications can correspond to a set of instructions for performing one or more functions described above. These instructions need not be implemented as separate software programs, procedures, or modules. The memory 1250 can include additional instructions or fewer instructions. Furthermore, various functions may be implemented in hardware and/or in software, including in one or more signal processing and/or application specific integrated circuits.

FIG. 13 is a block diagram of a computing system 1300, according to an embodiment. The illustrated computing system 1300 is intended to represent a range of computing systems (either wired or wireless) including, for example, desktop computer systems, laptop computer systems, tablet computer systems, cellular telephones, personal digital assistants (PDAs) including cellular-enabled PDAs, set top boxes, entertainment systems or other consumer electronic devices, smart appliance devices, or one or more implementations of a smart media playback device. Alternative computing systems may include more, fewer and/or different components. The computing system 1300 can be used to provide the computing device and/or a server device to which the computing device may connect.

The computing system 1300 includes an interconnect 1335 (e.g., bus, fabric) to enable communication between components of the computing system 1300. One or more processor(s) 1310 can coupled with the interconnect 1335. The computing system 1300 further may include memory 1320 in the form of random-access memory (RAM) or other dynamic storage device coupled to the interconnect 1335. The memory 1320 may store information and instructions that may be executed by processor(s) 1310. The memory 1320 may also be main memory that is used to store temporary variables or other intermediate information during execution of instructions by the processor(s) 1310.

The computing system 1300 may also include read only memory (ROM) 1330 and/or another data storage device 1340 coupled to the interconnect 1335 that may store information and instructions for the processor(s) 1310. The data storage device 1340 can be or include a variety of storage devices, such as a flash memory device, a magnetic disk, or an optical disc and may be coupled to computing system 1300 via the interconnect 1335 or via a remote peripheral interface.

The computing system 1300 may also be coupled, via the interconnect 1335, to a display device 1350 to display information to a user. The computing system 1300 can also include an alphanumeric input device 1360, including alphanumeric and other keys, which may be coupled to interconnect 1335 to communicate information and command selections to processor(s) 1310. Another type of user input device includes a cursor control 1370 device, such as a touchpad, a mouse, a trackball, or cursor direction keys to communicate direction information and command selections to processor(s) 1310 and to control cursor movement on the display device 1350. The computing system 1300 may also receive user input from a remote device that is communicatively coupled via one or more network interface(s) 1380.

The computing system 1300 further may include one or more network interface(s) 1380 to provide access to a network, such as a local area network. The network interface(s) 1380 may include, for example, a wireless network interface having antenna 1385, which may represent one or more antenna(e). The computing system 1300 can include multiple wireless network interfaces such as a combination of Wi-Fi, Bluetooth®, near field communication (NFC), and/or cellular telephony interfaces. The network interface(s) 1380 may also include, for example, a wired network interface to communicate with remote devices via network cable 1387, which may be, for example, an Ethernet cable, a coaxial cable, a fiber optic cable, a serial cable, or a parallel cable.

In one embodiment, the network interface(s) 1380 may provide access to a local area network, for example, by conforming to IEEE 802.11 wireless standards and/or the wireless network interface may provide access to a personal area network, for example, by conforming to Bluetooth standards. Other wireless network interfaces and/or protocols can also be supported. In addition to, or instead of, communication via wireless LAN standards, network interface(s) 1380 may provide wireless communications using, for example, Time Division, Multiple Access (TDMA) protocols, Global System for Mobile Communications (GSM) protocols, Code Division, Multiple Access (CDMA) protocols, Long Term Evolution (LTE) protocols, and/or any other type of wireless communications protocol.

The computing system 1300 can further include one or more power sources 1305 and one or more energy measurement systems 1345. Power sources 1305 can include an AC/DC adapter coupled to an external power source, one or more batteries, one or more charge storage devices, a USB charger, or other power source. Energy measurement systems include at least one voltage or amperage measuring device that can measure energy consumed by the computing system 1300 during a predetermined period of time. Additionally, one or more energy measurement systems can be included that measure, e.g., energy consumed by a display device, cooling subsystem, Wi-Fi subsystem, or other frequently used or high-energy consumption subsystem.

Location and Search Services

FIG. 14 illustrates a system 1400 to detect beacon advertisements for wireless accessories and devices, according to an embodiment. The system 1400 includes hardware components such as a Bluetooth controller 1433, an always on processor (AOP) 1459, a Wi-Fi controller 1463, as well as a multi-core application processor 1434. The multi-core application processor 1434 can execute the illustrated operating system daemons that facilitate location determination for detected wireless beacon signals. In one embodiment, operating system components include a Bluetooth daemon 1427, Wi-Fi daemon 1453, a location daemon 1401, and a search daemon 1437. While Bluetooth beacon signals are described, the techniques are not limited to Bluetooth advertisements and other types of wireless advertisements from wireless accessories can be used to for crowdsourced location determination of wireless accessories and devices.

The Bluetooth controller 1433 can perform include a low power scanner 1431 that performs operations while the controller is active. The low power scanner 1431 can be used to detect the presence of nearby Bluetooth (e.g., Bluetooth Low Energy) devices that are broadcasting advertisements using a wireless radio signal. Specific configuration details for the Bluetooth controller 1433 can be determined by the Bluetooth daemon 1427, which includes Bluetooth processor logic 1423 and object discovery logic 1425. The Bluetooth processor logic 1423 can control operations of the Bluetooth controller 1433. The object discovery logic 1425 can forward time tagged advertisements 1413 detected by the Bluetooth controller 1433 to the location daemon 1401 for further processing. In one embodiment, not all detected advertisements are forwarded for processing. Instead only advertisements that include a bit or flag that indicates that a location for the broadcasting device should be determined and uploaded to the cloud servers 1470, with other advertisements being disregarded for the purposes of the illustrated system 1400. In one embodiment, the Bluetooth controller 1433 is configured to filter scanned advertisements based on the type of advertisement and may store only the advertisements that include the bit or flag that indicates that a location for the broadcasting device should be determined and uploaded to the cloud servers 1470.

In one embodiment, the Bluetooth controller 1433 can perform scanning and processing operations while the application processor 1434 is in a low power state. Instead of continuously interrupting the application processor when advertisements are detected, the Bluetooth controller 1433 can buffer detected advertisements in a Bluetooth advertisement buffer 1429. The Bluetooth controller 1422 can include logic 1424 to deduplicate the Bluetooth advertisement buffer 1429 so that the buffer does not fill with the same advertisement. During a wake event for the application processor 1434, the Bluetooth advertisement buffer 1429 can be opportunistically unloaded. The application processor 1434, via the location daemon 1401, can attempt to match the detected advertisements with signal identifiers stored in a Wi-Fi scan buffer 1461 within the Wi-Fi controller 1463 to determine a set of Wi-Fi signals that were detected contemporaneously to the detection of the beacon advertisement.

Scanning operations 1465 can be performed by the Wi-Fi controller 1463 and detected signal identifiers can be stored in the Wi-Fi scan buffer 1461. In one embodiment the Wi-Fi scan buffer 1461 is a rolling buffer that stores the most recently detected SSIDs that are detected during, while overwriting older detected SSIDs. In one embodiment the Wi-Fi scan buffer can be a fixed-size buffer having space for a pre-determined number of entries. The Wi-Fi Daemon 1453 may configure the Wi-Fi controller 1463 to wake the application processor 1434 when the scan buffer becomes full or to simply overwrite older detected SSIDs based on the WSB wake/roll on full policy 1455 configured for the Wi-Fi daemon 1453.

The location daemon 1401 includes a cluster locations service interface 1403 and a cluster locations service sub-harvester 1405. The clusters location service interface 1403 is a service provider interface that enables the search daemon 1437 to query for location information, including information on wireless accessories that are tracked by the location query application 1435. The cluster locations service sub-harvester 1405 harvests time tagged advertisements 1413 and correlates them with location information. The cluster locations service sub-harvester 1405 receives the time tagged advertisements 1413 and stores the advertisements to a beacon cache 1407. Zipper logic 1409 uses data associated with a GPS provider 1415, Wi-Fi location provider 1417, signal environment provider 1419, and motion activity state 1421 to correlate time tagged location data with the time tagged advertisements 1413. This correlated data is provided to a service provider finder framework 1411, which delivers the correlated beacon data to a beacon payload cache 1441 within the search daemon 1437.

In one embodiment, the GPS provider 1415 provides location data that is determined via signals received from a GPS device in communication with a set of global positioning system satellites (e.g., global positioning system, global navigation satellite system, BeiDou-2, Galileo global navigation satellite system, etc.). In general, where GPS in particular, and satellite-based positioning services in general, are described herein, it will be understood that the described satellite positioning techniques can be performed using any global navigation satellite system (GNSS). Location can also be determined via a Wi-Fi location provider that estimates a device location based on detected Wi-Fi SSID and/or MAC addresses. Location estimates can be further refined based on the RSSI associated with the detected signals. The signal environment provider 1419 can provide classification data on, for example, whether GPS or Wi-Fi location is most optimal for a given geographic region. The signal environment provider 1419 can use an on-device classifier that estimates the likely accuracy of Wi-Fi location based on the number of detected Wi-Fi signals.

The motion activity state 1421 provides information on whether the finder device is stationary or in motion. The motion activity state 1421 can be determined based in part on motion updates 1457 provided by the AOP 1459. The AOP 1459 remains powered while other processors within the finder device are in a low power state. The AOP 1459 can collect data from motion sensors and defer the motion updates 1457 until the application processor 1434 or other processor wakes for the low power state.

The search daemon 1437 communicates with a location query application 1435 that can be used to present a device locator UI 204. The search daemon 1437 also communicates with a set of cloud servers 1470 via a network (e.g., device locator server 203 via network 114). The search daemon 1437 can process observations provided by the location daemon 1401 and provide those observations to the set of cloud servers 1470. The search daemon 1437 can also include an observation downloader and storage unit 1439 that downloads and stores location data for accessories and devices that are tracked by the location query application 1435. Location data can be downloaded from the cloud servers 1470 and queried from the location daemon 1401 via the cluster location service interface 1403.

The search daemon 1437 receives beacon data from the service provider finder framework 1411 and stores the beacon data in the beacon payload cache 1441. The search daemon 1437 includes logic 1443 to deduplicate the beacon payloads. The location data within the deduplicated beacon payloads is encrypted (1447) using the public key (e.g., beacon ID) that is broadcast with the beacon. The beacon data and associated encrypted locations can be stored in a beacon upload cache 1449 before being uploaded to the cloud servers 1470. When beacons data is ready to be uploaded, the search daemon 1437 can activate queue and request upload logic 1451. The queue and request upload logic 1451 can communicate with an activity scheduler 1445 to upload the data to the cloud servers 1470 during the next server upload interval. The number of beacons that are uploaded to the cloud servers 1470 can be limited. Additionally the data may be sent opportunistically when other unrelated data is to be transmitted over the network.

The uploaded beacon data includes the location associated with the beacon, which is encrypted using the public key transmitted as the beacon identifier, a timestamp associated with when the beacon was detected, and a hash of the public key used to encrypt the location data. The cloud servers 1470 can index the encrypted location data and timestamp using the hash of the public key. Using the hash of the public key prevents the cloud servers 1470 from gaining direct knowledge of the owner of the accessory associated with the stored data, while allowing the owner of the accessory to query for the device location using the hash of the public key, which is known to the owner of the accessory.

Separation Notices for Selected Beacon Peripherals

In one embodiment, a wireless accessory described herein can be a locator beacon device that can be used to track and/or locate other devices. The beacon can be leashed to a companion device, such as a smartphone device, and configured with “find me” and proximity profiles that allow the companion device to trigger an alert or ring on the beacon and to detect when the beacon is in within physical proximity of the companion device. In one embodiment, when the companion device goes outside of the range of the beacon device, the companion device can present a notice on the companion device the inform the user that the beacon peripheral is no longer with the user. Separation notices can be configured to alert or not alert a user when the user is at a selected location of interest. Some locations can be configured as safe locations. While in a safe locations, separation alerts will not be provided. In one embodiment, the companion device can allow connections to certain wireless accessories to drop while in a safe location to preserve the battery of the companion device and wireless accessory.

FIG. 15 illustrates a system 1500 to enable separation notices for selected wireless accessories, according to an embodiment. In one embodiment the system 1500 includes a variant of the location daemon 1401, Bluetooth daemon 1427, and search daemon 1437 of system 1400 of FIG. 14. During operation, the location daemon 1401 monitors the location of the companion device and will disconnect or attempt connections with the wireless accessory via the Bluetooth daemon 1427 based on whether the current location is a safe location. If the current location is not a safe location and the companion cannot connect to an accessory, a separation notification can be triggered.

Multiple operational scenarios are illustrated in FIG. 15. In one operational scenario, the search daemon 1437 monitors for events that indicate the paring of a new beacon (1567) or an update to existing beacon (1569). The search daemon 1437 can then post a beacons changed notification (1581) to the location daemon 1401. The location daemon 1401 receives the beacons state changed notification (1528), which causes the location daemon 1401 to fetch all beacons (1526) from the search daemon 1437. The search daemon 1437 performs a fetch all beacons operation (1563) to fetch beacon data from a database 1565. The search daemon 1437 then notifies the location daemon 1401 that all beacons have been fetched (1524).

In one embodiment the beacon data stored in the database 1565 includes beacon data (e.g., beacon IDs) or keys that can be used to generate beacon IDs, for example, when rolling beacon identifiers are in use. The location daemon 1401 can trigger an updated beacons event (1529) to begin leash monitoring for updated beacons. The location daemon 1401 can also trigger an updated safe locations event (1531) and start or stop monitoring for specific regions (1533). In one embodiment the regions monitored by the location daemon 1401 can be defined using geofence data.

In an additional operational scenario, the location daemon 1401 can monitor for a geofence entry (1511) into a safe location. Upon geofence entry, the location daemon 1401 can trigger an intentional disconnect operation (1512) for the beacon. The intentional disconnect operation (1512) can call into a disconnect peripheral function (1541) in the Bluetooth daemon 1427, which disconnects the Bluetooth connection with the beacon.

In an additional operational scenario, in response to a screen wake event (1501) or a geofence exit (1513), the location daemon 1401 can determine if the companion device is configured for leashing with a beacon peripheral but the beacon peripheral is not currently connected (1515). If leashing is not configured, then no additional operations (1523) are performed for this scenario. If leashing is configured, the location daemon 1401 determines whether the companion device is outside of a safe location (1517). If the companion device is not outside of a safe location (e.g., within a safe location), then no additional operations (1523) are performed for this scenario. If the companion device is outside of the safe location, then the location daemon 1401 can perform an operation to attempt a connection (1514) to the beacon peripheral. In this context, a safe location can be a location that has been identified to be a trusted location for the user. For example, a user can designate the home or office of the user or frequently visited locations as safe locations. In some embodiments, an electronic device of the user can infer or determine that a location is a safe location based on the user's daily routine. In one embodiment, the electronic device of the user can suggest safe locations based on the detected locations of interest of the user, which are locations that are frequently visited by the user.

To attempt the connection, the location daemon 1401 can call a connect peripheral function (1543) to attempt to establish a connection with the beacon peripheral. The Bluetooth daemon 1427 can determine if a connection is established (1545) in response to the connection attempt. If a connection is established, a “did connect” notification (1549) can be sent to the location daemon 1401. If the connection is not established, a “did fail to connect” notification (1551) can be sent to the location daemon 1401. If at any point after a connection is established, the Bluetooth daemon 1427 detects that a connection has been lost, the Bluetooth daemon 1427 can send a disconnection notification (1547) to the location daemon 1401.

At the location daemon 1401, in response to “a did fail to connect” notification (1551) or a disconnection notification (1547), the location daemon 1401 can trigger a failed to connect event (1520). The location daemon 1401 can then post a pending separation notification (1527) for the beacon peripheral. To post the pending separation notification can include placing a notification for the beacon peripheral into a notification queue. Displaying the separation notification can be deferred for a period of time while attempts are made to re-establish the connection with the beacon peripheral. The pending notification can be displayed via a user interface after a timeout period if the connection cannot be re-established.

Once the leash state of the beacon peripheral is determined to be changed (e.g., after a connect, disconnect, reconnect, or reconnect timeout). The location daemon 1401 can also update the leash state (1522) for the beacon peripheral to indicate that the beacon peripheral is out of proximity and/or disconnected. The update to the leash state (1522) can trigger a leash state update (1561) within the search daemon 1437. In one embodiment, the search daemon 1437 can track the leash state to determine whether the companion device should be actively scanning for a beacon identifier of the beacon peripheral.

In response to a disconnection notification (1547), the location daemon 1401 can trigger a reconnection attempt (1516), which causes an additional call into the connect peripheral function (1543). When an unconnected or disconnected state is detected for a beacon peripheral outside of a safe location, instead of immediately triggering a notification, a separation notification is placed in a pending state and the companion device can begin to aggressively scan for the beacon peripheral by increasing the rate at which advertisement beacons are scanned to faster than the normal scan rate. When the beacon peripheral detects a loss of connection with the companion device, the beacon peripheral can begin to aggressively broadcast its beacon advertisement by increasing the rate in which the beacons are advertised to faster than the normal advertisement rate. The aggressive scanning and advertising can occur for N number of seconds, where N may be, for example, fifteen seconds. In one embodiment, the value of N may be adjusted based on the motion state of the companion device. If the connection can be established, then the Bluetooth daemon 1427 will send a “did connect” notification (1549). If the connection cannot be established, the Bluetooth daemon 1427 will send the “did fail to connect” notification (1551).

At the location daemon 1401, in response to the “did connect” notification (1549) from the Bluetooth daemon 1427, a connection established event (1518) can be triggered and the location daemon 1401 can perform an operation (1519) to determine if any separation notifications are pending for the beacon peripheral. If any separation notices are pending for the beacon peripheral the location daemon can clear the pending notifications (1525). After clearing the pending notifications, the location daemon 1401 can update the leash state (1522) for the beacon peripheral, which triggers an additional leash state update (1561) in the search daemon 1437, which records the beacon peripheral as connected and/or in proximity. In one embodiment, the updated leash state can be stored in the database 1565.

Dynamic Connection Intervals

In one embodiment, the Bluetooth daemon 1427 may be required to simultaneously communicate with more Bluetooth devices than there are active communication slots available. For example, if the Bluetooth controller 1433 supports a maximum of M active data transfers, a connection to device M+1 may require an existing connection to be temporarily dropped, then subsequently re-obtained. In one embodiment, dynamic connection intervals can be used for beacon peripherals that are leashed via a Bluetooth Low Energy connection. Bluetooth Low Energy connections are pulsed connections, in which the communication hardware of the central and peripheral devices communicate in bursts during connection events is idle otherwise. The connection interval is a connection parameter that specifies the amount of time between connection events.

As with the beaconing and scan rates, the connection intervals can be varied dynamically. Initially, a default connection interval can be used for beacon peripherals. When a larger number of peripherals are in the area, a longer connection interval can be specified. During the period between the longer connection intervals, communication with multiple beacon peripherals can be performed using a single connection slot, allowing M+1 devices to be communicated with, although only M active connections are physically supported. Under some circumstances, the connection intervals can be further extended by adjusting the slave latency for the beacon peripheral. The slave latency specified for a beacon peripheral allows up to a specified number of connection events to be skipped, increasing the effective connection interval between the companion device and the beacon peripheral.

In one embodiment the beacon peripheral can support temporary disconnects to allow the companion device to engage in active communication with a larger number of devices. During a temporary disconnect, the companion device can indicate to the beacon peripheral that communication will be terminated for a period of time, then resumed. Near the end of the temporary disconnect period, the beacon peripheral can begin advertising aggressively (e.g., advertisement interval of less than 100 ms) to allow the companion device to re-acquire the beacon peripheral. In configurations where temporary disconnects are not supported by the beacon interval, the aggressive advertisement period and reconnect timeout for the beacon peripheral can be extended. In this configuration, the beacon peripheral can continue to aggressively advertise and attempt to reconnect with the companion device for longer than the default N number of seconds. On the companion device, a separation notification will not be posted during a temporary disconnect unless the companion device cannot reacquire the connection after the extended reconnect timeout.

Exemplary User Interfaces

FIG. 16A-16D illustrate user interfaces that present separation notifications for a beacon peripheral, according to an embodiment. In one embodiment, a companion device 1600, such as a smartphone device, can be paired with a beacon peripheral and can communicate with the beacon peripheral using the systems illustrated above.

As shown in FIG. 16A, the companion device 1600 can present a separation notification based on the connection state with the beacon peripheral and the notification settings for the beacon. In one embodiment, a user interface of the companion device 1600 can present an interface element 1602 that displays a separation notification on a lock screen 1601 of the companion device 1600. If the companion device 1600 is unlocked, a notification can be presented via a standard notification system of the companion device 1600.

As shown in FIG. 16B, while still on the lock screen 1601, a user can interact with the interface element 1602 that presents the separation notification to bring up a map view 1603. The map view 1603 can present a location icon 1605 for the beacon peripheral. The specific icon that is used for the location icon 1605 can vary based on the designation of the device to which the beacon peripheral is attached (e.g., key, bag, etc.). The location icon 1605 can display a last observed location for the beacon peripheral. The last observed location can be the last location last observed by the companion device. The last observed location can also be a last location observed for the beacon peripheral by a finder device, the finder device having uploaded the location to cloud servers 1470. Upon detecting a disconnection for a beacon peripheral, the companion device can query a device locator server (e.g., device locator server 203) within the cloud servers 1470 to determine if a location has been uploaded for the beacon peripheral. The device location server can be queried using a hash of the beacon identifier that is broadcast by the beacon peripheral. Where the beacon identifier is a rolling identifier, multiple identifiers for the peripheral device can be queried.

The map view 1603 can also present a current location indicator 1604. The map location indicator 1604 that shows a location that has been determined for the companion device. The map location indicator 1604 can include an uncertainty region that narrows as the location determination for the companion device becomes more certain. Additionally, an interface element 1606 can be presented to add the current location to the list of trusted (e.g., safe) locations. While in a trusted or safe location, separation notifications for the beacon peripheral will not be presented.

As shown in FIG. 16C, configuration software for the companion device 1600 can present a user interface that allows a user to perform operations with a beacon peripheral and configure notifications provided by the beacon peripheral. In one embodiment, a map view 1613 can be presented that is similar, but not necessarily identical to map view 1603. Information about the beacon identifier can be presented via the user interface. The user interface can present a name 1610 assigned to the beacon identifier (e.g., Alan's Keys), as well as a last observed location 1612. The last observed location can also display a time in which the last observation occurred. In various configurations, the last observed time can be an absolute time or a relative time. The user interface can also present a user interface element 1614 that allows the user to play a sound on the beacon peripheral. A variety of sounds can be configured for a beacon peripheral, allowing different accessories to play different sounds for use in locating the beacon peripheral. A user interface element 1615 can also be displayed that, when selected, presents directions to the last observed location of the beacon accessories. The directions can be presented as turn-by-turn navigation directions and may launch a mapping or navigation application.

In one embodiment the user interface can present an interface element 1616 that enables notifications to be configured for the beacon peripheral. The notification configuration can allow a user to specify when and how notifications are presented for the beacon peripheral. In one embodiment, the user interface can present an interface element 1618 that allows separation updates to be configured for the beacon peripheral. The interface element 1618 can also present a current configuration setting for separation notifications, as well as whether any exceptions (e.g., safe locations, trusted locations, etc.) have been configured.

As shown in FIG. 16D, a user interface can be presented on a companion device 1600 to configure separation notifications (e.g., separation updates) for a beacon peripheral. The user interface can present an interface element 1621 that enables separation notifications to be enabled or disabled for the beacon peripheral. The user interface can additionally present interface elements 1620, 1622, 1624 what provide an option to enable exceptions for the separation notifications. Interface elements 1620, 1622 can be presented for suggested exception locations (e.g., work, home, etc.) or an interface element 1624 can be presented to allow a location to be manually added by the user. For suggested locations, a selectable interface element 1625 can be presented that allows a user to enable or disable the suggested location as a safe location. Locations can be suggested based on user behavior detected via the companion device or using locations of interest (e.g., work, home, school, etc.) that may have been explicitly specified by the user.

Reference herein to “one embodiment” or “an embodiment” means that a particular feature, structure, or characteristic described in conjunction with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase “in one embodiment” in various places in the specification do not necessarily all refer to the same embodiment. The processes depicted in the figures that follow can be performed by processing logic that comprises hardware (e.g. circuitry, dedicated logic, etc.), software (as instructions on a non-transitory machine-readable storage medium), or a combination of both hardware and software. Reference will be made in detail to various embodiments, examples of which are illustrated in the accompanying drawings. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. However, it will be apparent to one of ordinary skill in the art that the present invention may be practiced without these specific details. In other instances, well-known methods, procedures, components, circuits, and networks have not been described in detail so as not to unnecessarily obscure aspects of the embodiments.

It will also be understood that, although the terms first, second, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first contact could be termed a second contact, and, similarly, a second contact could be termed a first contact, without departing from the scope of the present invention. The first contact and the second contact are both contacts, but they are not the same contact.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting as to all embodiments. As used in the description of the invention and the appended claims, the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will also be understood that the term “and/or” as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items. It will be further understood that the terms “comprises” and/or “comprising,” when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.

As used herein, the term “if” may be construed to mean “when” or “upon” or “in response to determining” or “in response to detecting,” depending on the context. Similarly, the phrase “if it is determined” or “if [a stated condition or event] is detected” may be construed to mean “upon determining” or “in response to determining” or “upon detecting [the stated condition or event]” or “in response to detecting [the stated condition or event],” depending on the context.

Computing devices, user interfaces for such devices, and associated processes for using such devices are described herein. In some embodiments, the computing device is a portable communications device such as a mobile telephone that also contains other functions, such as PDA and/or music player functions. In the description and figures of this application, where a wireless device, wireless accessory, or wireless accessory device is described or illustrated, unless stated otherwise the described or illustrated attributes can generally be applied to any type of wireless device, wirelesses accessory, or wireless accessory device that is capable of broadcasting a wireless beacon.

In the foregoing description, example embodiments of the disclosure have been described. It will be evident that various modifications can be made thereto without departing from the broader spirit and scope of the disclosure. The specification and drawings are, accordingly, to be regarded in an illustrative sense rather than a restrictive sense. The specifics in the descriptions and examples provided may be used anywhere in one or more embodiments. The various features of the different embodiments or examples may be variously combined with some features included and others excluded to suit a variety of different applications. Examples may include subject matter such as a method, means for performing acts of the method, at least one machine-readable medium including instructions that, when performed by a machine cause the machine to perform acts of the method, or of an apparatus or system according to embodiments and examples described herein. Additionally, various components described herein can be a means for performing the operations or functions described herein.

Embodiments described herein provide systems and methods to enable the display of separation notifications for wireless accessories, such as wireless beacon peripherals. In this context, a wireless beacon peripheral is a wireless device that is configured to transmit messages, beacons, advertisements, or other wireless transmissions, to other electronic devices to enable the other electronic devices to locate the wireless beacon peripheral.

In one embodiment, safe locations can be designated for beacon peripherals, such that separation notifications will not be presented for a beacon peripheral if the separation occurs within a location designated as a safe location for the peripheral. A safe location can be a location that has been identified to be a trusted location for the user. For example, a user can designate the home or office of the user or frequently visited locations as safe locations. In some embodiments, an electronic device of the user can infer or determine that a location is a safe location based on the user's daily routine. In one embodiment, wireless connections with beacon peripherals can be dropped while in a safe location to preserve the battery life of the peripheral and companion devices.

One embodiment provides for a non-transitory machine-readable medium storing instructions to cause one or more processors of an electronic device to perform operations comprising establishing a wireless connection with a beacon peripheral; monitoring a connection state of the wireless connection; in response to detecting a loss of connection with the beacon peripheral, posting a separation notification for the beacon peripheral to a notification framework of the electronic device; deferring display of the notification during a reconnect interval; attempting to reconnect with the beacon peripheral during the reconnect interval; and displaying the separation notification via a user interface in response to a failure to reconnect with the beacon peripheral.

One embodiment provides for a non-transitory machine-readable medium storing instructions to cause one or more processors of an electronic device to perform operations comprising establishing a wireless connection with a beacon peripheral; monitoring a connection state of the wireless connection; in response to detecting a loss of connection with the beacon peripheral, determining if the current location of the electronic device is indicated as a safe location for the beacon peripheral; and suppressing display of a separation notification for the beacon peripheral in response to a determination that the current location of the electronic device is a safe location.

Those skilled in the art will appreciate from the foregoing description that the broad techniques of the embodiments can be implemented in a variety of forms. Therefore, while the embodiments have been described in connection with particular examples thereof, the true scope of the embodiments should not be so limited since other modifications will become apparent to the skilled practitioner upon a study of the drawings, specification, and following claims. 

What is claimed is:
 1. A non-transitory machine-readable medium storing instructions to cause one or more processors of an electronic device to perform operations comprising: establishing a wireless connection with a beacon peripheral; monitoring a connection state of the wireless connection; in response to detecting a loss of connection with the beacon peripheral, posting a separation notification for the beacon peripheral to a notification framework of the electronic device; deferring display of the separation notification during a reconnect interval; attempting to reconnect with the beacon peripheral during the reconnect interval; and displaying the separation notification via a user interface in response to a failure to reconnect with the beacon peripheral.
 2. The non-transitory machine-readable medium as in claim 1, wherein the separation notification includes an identifier for the beacon peripheral and the identifier is a user-assigned name for the beacon peripheral.
 3. The non-transitory machine-readable medium as in claim 1, wherein establishing the wireless connection with the beacon peripheral includes pairing the beacon peripheral with the electronic device.
 4. The non-transitory machine-readable medium as in claim 3, wherein the wireless connection is a Bluetooth connection.
 5. The non-transitory machine-readable medium as in claim 1, the operations additionally comprising increasing a wireless scan rate of a wireless controller on the electronic device in response to detecting a loss of connection with the beacon peripheral.
 6. The non-transitory machine-readable medium as in claim 1, the operations additionally comprising: reconnecting with the beacon peripheral during the reconnect interval; and clearing a separation notification for the beacon peripheral.
 7. The non-transitory machine-readable medium as in claim 1, the operations additionally comprising: receiving, via the user interface, an indication of a selection of the separation notification; and displaying a map via the user interface in response to the indication of the selection of the separation notification, wherein the map includes an indication of an observed location of the beacon peripheral, wherein the indication of the observed location of the beacon peripheral is a location corresponding to detection of a wireless advertisement of the beacon peripheral.
 8. The non-transitory machine-readable medium as in claim 7, wherein the indication of the observed location of the beacon peripheral is the location corresponding to a detection of the wireless advertisement of the beacon peripheral by the electronic device.
 9. The non-transitory machine-readable medium as in claim 7, wherein the indication of the observed location of the beacon peripheral is the location corresponding to a detection of the wireless advertisement of the beacon peripheral by a finder electronic device, the finder electronic device having uploaded the location to a device locator server.
 10. The non-transitory machine-readable medium as in claim 9, the operations additionally comprising: querying the device locator server for a location of the beacon peripheral before displaying the indication of the observed location of the beacon peripheral on the map; receiving a location for the beacon peripheral from the device locator server, wherein the location is encrypted via a public key associated with the beacon peripheral; decrypting the location for the beacon peripheral using a private key associated with the beacon peripheral; determining a location on the map to display the indication of the observed location of the beacon peripheral; and displaying the indication of the observed location of the beacon peripheral.
 11. The non-transitory machine-readable medium as in claim 10, the operations additionally comprising adjusting a connection interval of the beacon peripheral based on a number of peripherals that are wirelessly connected to the electronic device.
 12. A non-transitory machine-readable medium storing instructions to cause one or more processors of an electronic device to perform operations comprising: establishing a wireless connection with a beacon peripheral; monitoring a connection state of the wireless connection; in response to detecting a loss of connection with the beacon peripheral, determining if a current location of the electronic device is indicated as a safe location for the beacon peripheral; and suppressing display of a separation notification for the beacon peripheral in response to a determination that the current location of the electronic device is a safe location.
 13. The non-transitory machine-readable medium as in claim 12, wherein the wireless connection is a Bluetooth connection.
 14. The non-transitory machine-readable medium as in claim 12, the operations additionally comprising: attempting to reconnect with the beacon peripheral after detecting a loss of connection with the beacon peripheral in response to a determination that the current location of the electronic device is not a safe location; and displaying the separation notification via a user interface in response to a failure to reconnect with the beacon peripheral.
 15. The non-transitory machine-readable medium as in claim 14, the operations additionally comprising presenting an interface element to designate a current location of the electronic device as a safe location.
 16. The non-transitory machine-readable medium as in claim 12, the operations additionally comprising: detecting entry into a geofence associated with the safe location for the beacon peripheral; and requesting a daemon associated with a wireless controller to disconnect the wireless connection with the beacon peripheral.
 17. The non-transitory machine-readable medium as in claim 16, the operations additionally comprising: detecting exit from a geofence associated with the safe location; requesting a daemon associated with a wireless controller to re-establish the wireless connection to the beacon peripheral; and displaying the separation notification via a user interface in response to a failure to re-establish the wireless connection to the beacon peripheral.
 18. A method performed by one or more processors of an electronic device, the method comprising: establishing a wireless connection with a beacon peripheral; monitoring a connection state of the wireless connection; in response to detecting a loss of connection with the beacon peripheral, posting a separation notification for the beacon peripheral to a notification framework of the electronic device; deferring display of the separation notification during a reconnect interval; attempting to reconnect with the beacon peripheral during the reconnect interval; and displaying the separation notification via a user interface in response to a failure to reconnect with the beacon peripheral.
 19. The method as in claim 18, wherein the separation notification includes an identifier for the beacon peripheral.
 20. The method as in claim 18, wherein establishing the wireless connection with the beacon peripheral includes pairing the beacon peripheral with the electronic device. 